Ombra, security is all about trust and you appear not to trust anything or anyone else.

So that leaves you with the only option of trusting yourself, and doing the grunt work of analyzing kernel source / configs to make sure that you trust what is running on your system (a feature that is only possible with open source, btw).

But instead of getting down to the task, you seem to be saying that it's too hard for a 'newbie', and painting yourself into a bit of a logical corner. You also list quite a random set of software that I can only presume you've heard bad things about on forums (uboot, really?) without checking them out for yourself.

So, please have at least one attempt at following some of the suggestions given here before posting - I think you will then find the comments given more helpful than frustrating (for everyone involved).

For building your own kernel, and understanding what the config file options are all about I can heartily recommend the book Linux kernel In A Nutshell (free in PDF format at http://www.kroah.com/lkn/)

nelz wrote:Intel is one of the major contributors to the kernel, most of it related to hardware support. Even the one item that is vaguely DRM-related is only support for specific Intel business hardware and not affecting user-owners.

Most importantly - even the parts you object too are open source and therefore completely under your control on any computer you administer.

"Intel is one of the major contributorsto the kernel"I did not know that...but it does explain much.

I can only state again what should be obvious, until I learn how to erase this stuff it most definitely ain't under my control. As I see it, the coming timeline breaks down like this. I get PC, figure out how to install XP Pro on one HD, and who knows what Linux distro on the other. It looks like I got no choice but to use distro having my much hated Trusted Computing rot, so absolute best I can hope for is to find distro with it not enabled. I figure it to take about a year for me to become as comfortable with Linux as I am with XP. At that point, I will have to begin teaching myself how to reconfigure/rebuild kernel. No telling how long that will take. Only when that is done will I really have "control". Until then I got no control, no choice...unless you think 'take it or leave it' qualifies.

nelz wrote:Intel is one of the major contributors to the kernel, most of it related to hardware support. Even the one item that is vaguely DRM-related is only support for specific Intel business hardware and not affecting user-owners.

"Intel is one of the major contributorsto the kernel"I did not know that...but it does explain much.

Nice one, by removing all context from that quote you have managed to completely change its implication.

Ombra wrote:I can only state again what should be obvious, until I learn how to erase this stuff it most definitely ain't under my control.

But learning to do it is completely under your control. As is convincing yourself that it is too difficult for you. It goes like this

Install a distro you likeInstall the kernel source packageRead up on recompiling a kernelRun make menuconfig and disable the options you hate enough to create a five page thread over but not enough to read a one page howtoCompile the kernelRebootIf it works, great. If not, reboot back to your original kernel, run menuconfig again and tweak the settings until it does.

Ombra wrote:I will have to begin teaching myself how to reconfigure/rebuild kernel. No telling how long that will take.

As long as it takes you to get around to trying to do it, plus a few hours - so you're probably right in your estimation of a year.

"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)